CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
We have discovered 23,972 live websites that are affected by CWE-862.
CVEs
- Count - 13
CWE References
Countries
 United States | 8,957 websites |
 Germany | 1,902 websites |
 France | 1,396 websites |
 GB | 1,272 websites |
 Italy | 1,089 websites |
 Spain | 1,006 websites |
 Canada | 876 websites |
 Netherlands | 820 websites |
 Australia | 772 websites |
 Brazil | 385 websites |
TLDs
| .com | 10,123 websites |
| .org | 2,301 websites |
| .de | 1,251 websites |
| .it | 751 websites |
| .co.uk | 660 websites |
| .nl | 657 websites |
| .fr | 570 websites |
| .com.au | 554 websites |
| .net | 533 websites |
| .ca | 417 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-862| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Feb, 2024 | CVE-2023-47874 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Broken Access Control | 1,361 |
| Jan, 2024 | CVE-2022-36418 | WordPress HREFLANG Tags Lite Plugin <= 2.0.0 is vulnerable to Broken Authentication | 2,250 |
| Jan, 2024 | CVE-2024-0235 | EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure | 13,983 |
| Jan, 2024 | CVE-2024-0236 | EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure | 13,983 |
| Sep, 2023 | CVE-2023-4059 | Profile Builder < 3.9.8 - Unauthenticated Plugin's Pages Creation | 56 |
| Jul, 2023 | CVE-2023-2796 | EventON < 2.1.2 - Unauthenticated Event Access | 61 |
| Feb, 2023 | CVE-2022-4384 | Stream < 3.9.2 - Subscriber+ Alert Creation | 6,159 |
| Oct, 2022 | CVE-2022-3320 | Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command | 180 |
| Oct, 2022 | CVE-2022-3321 | Lock WARP switch feature bypass on WARP mobile client for iOS | 180 |
| Oct, 2022 | CVE-2022-3322 | Lock WARP switch bypass on WARP mobile client using iOS quick action | 180 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-862| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Jan, 2024 | CVE-2024-0235 | EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure | 13,983 |
| Jan, 2024 | CVE-2024-0236 | EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure | 13,983 |
| Feb, 2023 | CVE-2022-4384 | Stream < 3.9.2 - Subscriber+ Alert Creation | 6,159 |
| Jan, 2024 | CVE-2022-36418 | WordPress HREFLANG Tags Lite Plugin <= 2.0.0 is vulnerable to Broken Authentication | 2,250 |
| Feb, 2024 | CVE-2023-47874 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Broken Access Control | 1,361 |
| Oct, 2022 | CVE-2022-3320 | Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command | 180 |
| Oct, 2022 | CVE-2022-3321 | Lock WARP switch feature bypass on WARP mobile client for iOS | 180 |
| Oct, 2022 | CVE-2022-3322 | Lock WARP switch bypass on WARP mobile client using iOS quick action | 180 |
| Oct, 2022 | CVE-2022-3337 | Lock WARP switch bypass by removing VPN profile on iOS mobile client | 180 |
| Oct, 2022 | CVE-2022-3512 | Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command | 180 |
Websites affected by CWE-862
Top websites that are affected by CWE-862. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.*********.org | United States | *** | |
| ***.******.com | United States | *,*** | |
| **********.com |  Ireland | **,*** | |
| *************.pl |  Poland | **,*** | |
| ***.**************.org | United States | **,*** | |
| ***.**************.com | United States | **,*** | |
| ***.********.com |  Austria | **,*** | |
| ***.*******.com | United States | **,*** | |
| ***.*****.com | United States | **,*** | |
| *********************.org | United States | **,*** |